package com.lawyers.database;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import org.apache.log4j.Logger;

import com.lawyers.common.UserVO;
import com.lawyers.util.MD5;



public class DBLogin extends DBAction{
	private static Logger logger = Logger.getLogger(DBLogin.class);
	public static UserVO loguear(String user,String pass){
		UserVO userVO = null;
		String conexionString = MySQL.establecerConexion();
		if(conexionString.equalsIgnoreCase("OK")){
			try {
				Connection connection = MySQL.getConnection();
				connection.setAutoCommit(true);
				String sql = "SELECT * FROM usuarios WHERE username = ? AND pass = ? AND estado = 'A' ";
				PreparedStatement pstmt = connection.prepareStatement(sql);
				
				pstmt.setString(1, user);
				pstmt.setString(2, MD5.parse(pass));
				ResultSet rs = pstmt.executeQuery();
				if(rs.next()){
					userVO = new UserVO();
					userVO.setUsername(rs.getString("username"));
					userVO.setIdUsuario(rs.getInt("id"));
					userVO.setPassword(rs.getString("pass"));
					userVO.setPerfil(rs.getString("perfil"));
					userVO.setEstado(rs.getString("estado"));
				}
				pstmt.close();
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				logger.error("ERRROR SQL EXCEPTION");
			}
		}
		return userVO;
	}
}
